<?php
/*********************************************************************\
* This File is a part of BH-PANEL (Breizh-Heberg Panel v2.1)
* Copyright (C) 2008-2009 the BH Developpers : Vincent Giersch <mail@vincordi.fr>, Cyprien Laleau <fanning.fr@gmail.com> and Edwin Cabiten <marmottes44@hotmail.fr>
* See file AUTHORS to get more informations

* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.

* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
* GNU General Public License for more details.

* You should have received a copy of the GNU General Public License
* along with this program.  If not, see <http://www.gnu.org/licenses/>.
/*********************************************************************/

$title = "Connexion";
$tplinc = "site-connexion";
if(!isset($_SESSION['u_nic'])) {
	if(isset($_POST['nic'])) {
		$nic = intval(strtr($_POST['nic'], "-BW", ""));
		if($nic == '0') {
			$parse = 1;
			$tpl->assign(array(
				'error_connec' => 1
			));
		}
		else {
			$connexion = query("SELECT 
								users_password.u_crypt,
								users_password.u_nic,
								users.u_nic,
								users.u_auth,
								users.u_perso
								FROM users_password 
								LEFT JOIN users
								ON users.u_nic=users_password.u_nic
								WHERE users_password.u_nic='$nic'");
			if(mysql_num_rows($connexion) == 0) {
				$parse = 1;
				$tpl->assign(array(
					'error_connec' => 1
				));
			}
			else {
				$connexion = mysql_fetch_array($connexion);
				if($connexion['u_crypt'] == "1") { $u_password = sha1($_POST['pass']); } else { $u_password = md5($_POST['pass']); }
				$connec = mysql_fetch_array(query("SELECT COUNT(*) AS connec FROM users_password WHERE u_nic='$nic' and u_password='$u_password'"));
				if($connec['connec'] == 1) {
					if($_POST['auto'] == 'on') {
						setcookie("u_nic", $nic, time()+3600*24*365, '/');
						setcookie("u_password", $u_password, time()+3600*24*365, '/');
						setcookie("u_crypt", $connexion['u_crypt'], time()+3600*24*365, '/');
					}
					query("UPDATE users SET u_lastconnc_ip = '".$_SERVER['REMOTE_ADDR']."', u_lastconnc_time = CURRENT_TIMESTAMP WHERE u_nic='$nic'");
					$_SESSION['u_nic'] = $nic;
					$_SESSION['u_auth'] = $connexion['u_auth'];
					$_SESSION['u_perso'] = json_decode($connexion['u_perso'], true);
					if(isset($_SESSION['commande_dom'])) {
						header("Location: /offres/domaines/commande.html");
					}
					elseif(isset($_SESSION['commande_heberg_offre'])) {
						header("Location: /offres/hebergement/commande.html");
					}
					else {
						header("Location: /site/index.html");
					}
				}
				else {
					$parse = 1;
					$tpl->assign(array(
						'error_connec' => 1
					));
				}
			}
		}
	}
	else {
	$parse = 1;
	}

}
?>